Merge pull request #1762 from AzureAD/msal-node-cache-merge

[msal-node][#2] Merge cache logic in `msal-common` for `node` and `browser` platforms

Author: Prithvi Kanherkar

lib/msal-browser/src/app/PublicClientApplication.ts

@@ -3,12 +3,9 @@
  * Licensed under the MIT License.
  */
 import {
-    IAccount,
     SPAClient,
     INetworkModule,
-    TokenResponse,
     UrlString,
-    TokenRenewParameters,
     StringUtils,
     PromptValue,
     ServerError,
@@ -24,9 +21,11 @@ import {
     Constants,
     ClientAuthError,
     AuthorityType,
+    CacheSchemaType,
     AuthenticationResult,
     SilentFlowRequest,
-    AccountEntity
+    AccountEntity,
+    IAccount
 } from "@azure/msal-common";
 import { buildConfiguration, Configuration } from "../config/Configuration";
 import { BrowserStorage } from "../cache/BrowserStorage";
@@ -65,6 +64,7 @@ export class PublicClientApplication {
     // Input configuration by developer/user
     private config: Configuration;
 
+    // Default authority
     protected defaultAuthorityInstance: Authority;
 
     /**
@@ -197,10 +197,10 @@ export class PublicClientApplication {
     private async handleRedirectResponse(): Promise<AuthenticationResult> {
         // Get current location hash from window or cache.
         const {location: {hash}} = window;
-        const cachedHash = this.browserStorage.getItem(TemporaryCacheKeys.URL_HASH);
+        const cachedHash = this.browserStorage.getItem(this.browserStorage.generateCacheKey(TemporaryCacheKeys.URL_HASH), CacheSchemaType.TEMPORARY) as string;
         const isResponseHash = UrlString.hashContainsKnownProperties(hash);
 
-        const loginRequestUrl = this.browserStorage.getItem(TemporaryCacheKeys.ORIGIN_URI);
+        const loginRequestUrl = this.browserStorage.getItem(this.browserStorage.generateCacheKey(TemporaryCacheKeys.ORIGIN_URI), CacheSchemaType.TEMPORARY) as string;
         const currentUrl = BrowserUtils.getCurrentUri();
         if (loginRequestUrl === currentUrl) {
             // We don't need to navigate - check for hash and prepare to process
@@ -215,7 +215,8 @@ export class PublicClientApplication {
 
         if (this.config.auth.navigateToLoginRequestUrl && isResponseHash && !BrowserUtils.isInIframe()) {
             // Returned from authority using redirect - need to perform navigation before processing response
-            this.browserStorage.setItem(TemporaryCacheKeys.URL_HASH, hash);
+            const hashKey = this.browserStorage.generateCacheKey(TemporaryCacheKeys.URL_HASH);
+            this.browserStorage.setItem(hashKey, hash, CacheSchemaType.TEMPORARY);
 
             if (StringUtils.isEmpty(loginRequestUrl) || loginRequestUrl === "null") {
                 // Redirect to home page if login request url is null (real null or the string null)
@@ -262,15 +263,15 @@ export class PublicClientApplication {
     /**
      * Use when initiating the login process by redirecting the user's browser to the authorization endpoint. This function redirects the page, so
      * any code that follows this function will not execute.
-	 * 
+	 *
 	 * IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current
 	 * browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.
-	 * 
+	 *
      * @param {@link (AuthenticationParameters:type)}
      */
     async loginRedirect(request: AuthorizationUrlRequest): Promise<void> {
-        // Preflight request
         try {
+            // Preflight request
             const validRequest: AuthorizationUrlRequest = this.preflightRequest(request);
 
             // Create auth code request and generate PKCE params
@@ -289,11 +290,11 @@ export class PublicClientApplication {
             throw e;
         }
     }
-	
+
     /**
      * Use when you want to obtain an access_token for your API by redirecting the user's browser window to the authorization endpoint. This function redirects
-     * the page, so any code that follows this function will not execute. 
-	 * 
+     * the page, so any code that follows this function will not execute.
+	 *
 	 * IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current
 	 * browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.
      * @param {@link (AuthenticationParameters:type)}
@@ -454,18 +455,13 @@ export class PublicClientApplication {
      * @param {@link AuthenticationParameters}
      *
      * To renew idToken, please pass clientId as the only scope in the Authentication Parameters
-     * @returns {Promise.<TokenResponse>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
+     * @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
      *
      */
     async acquireTokenSilent(silentRequest: SilentFlowRequest): Promise<AuthenticationResult> {
         // block the reload if it occurred inside a hidden iframe
         BrowserUtils.blockReloadInHiddenIframes();
 
-        const tokenRequest: AuthorizationUrlRequest = {
-            ...silentRequest,
-            redirectUri: "",
-        };
-
         try {
             // Send request to renew token. Auth module will throw errors if token cannot be renewed.
             return await this.authModule.getValidToken(silentRequest);
@@ -475,7 +471,8 @@ export class PublicClientApplication {
             const isInvalidGrantError = (e.errorCode === BrowserConstants.INVALID_GRANT_ERROR);
             if (isServerError && isInvalidGrantError && !isInteractionRequiredError) {
                 const silentAuthUrlRequest: AuthorizationUrlRequest = this.initializeRequest({
-                    ...tokenRequest,
+                    ...silentRequest,
+                    redirectUri: "",
                     prompt: PromptValue.NONE
                 });
 
@@ -524,9 +521,13 @@ export class PublicClientApplication {
      * Use to log out the current user, and redirect the user to the postLogoutRedirectUri.
      * Default behaviour is to redirect the user to `window.location.href`.
      */
-    logout(accountObj: IAccount): void {
+    logout(account: IAccount, authorityString?: string): void {
+        const authorityObj = StringUtils.isEmpty(authorityString) ? this.defaultAuthorityInstance : AuthorityFactory.createInstance(
+            this.config.auth.authority,
+            this.config.system.networkClient
+        );
         // create logout string and navigate user window to logout. Auth module will clear cache.
-        this.authModule.logout(accountObj, this.defaultAuthorityInstance).then((logoutUri: string) => {
+        this.authModule.logout(account, authorityObj).then((logoutUri: string) => {
             BrowserUtils.navigateWindow(logoutUri);
         });
     }
@@ -557,13 +558,24 @@ export class PublicClientApplication {
     }
 
     /**
-     * Returns the signed in account
+     * Returns all accounts that MSAL currently has data for.
+     * (the account object is created at the time of successful login)
+     * or null when no state is found
+     * @returns {@link IAccount[]} - Array of account objects in cache
+     */
+    public getAllAccounts(): IAccount[] {
+        return this.authModule.getAllAccounts();
+    }
+
+    /**
+     * Returns the signed in account matching username.
      * (the account object is created at the time of successful login)
      * or null when no state is found
-     * @returns {@link Account} - the account object stored in MSAL
+     * @returns {@link IAccount} - the account object stored in MSAL
      */
-    public getAccount(homeAccountId: string): AccountEntity {
-        return this.authModule.getAccount(homeAccountId);
+    public getAccountByUsername(userName: string): IAccount {
+        const allAccounts = this.getAllAccounts();
+        return allAccounts.filter(accountObj => accountObj.username === userName)[0];
     }
 
     // #endregion
@@ -575,13 +587,13 @@ export class PublicClientApplication {
      */
     private interactionInProgress(): boolean {
         // Check whether value in cache is present and equal to expected value
-        return this.browserStorage.getItem(BrowserConstants.INTERACTION_STATUS_KEY) === BrowserConstants.INTERACTION_IN_PROGRESS_VALUE;
+        return (this.browserStorage.getItem(this.browserStorage.generateCacheKey(BrowserConstants.INTERACTION_STATUS_KEY), CacheSchemaType.TEMPORARY) as string) === BrowserConstants.INTERACTION_IN_PROGRESS_VALUE;
     }
 
     /**
      * Helper to validate app environment before making a request.
      */
-    private preflightRequest(request: AuthorizationUrlRequest): AuthorizationUrlRequest {       
+    private preflightRequest(request: AuthorizationUrlRequest): AuthorizationUrlRequest {
         // block the reload if it occurred inside a hidden iframe
         BrowserUtils.blockReloadInHiddenIframes();
 
@@ -595,7 +607,7 @@ export class PublicClientApplication {
 
     /**
      * Helper to initialize required request parameters.
-     * @param request 
+     * @param request
      */
     private initializeRequest(request: AuthorizationUrlRequest): AuthorizationUrlRequest {
         const validatedRequest: AuthorizationUrlRequest = {
@@ -605,7 +617,7 @@ export class PublicClientApplication {
         // Check for ADAL SSO
         if (StringUtils.isEmpty(validatedRequest.loginHint)) {
             // Only check for adal token if no SSO params are being used
-            const adalIdTokenString = this.browserStorage.getItem(PersistentCacheKeys.ADAL_ID_TOKEN);
+            const adalIdTokenString = this.browserStorage.getItem(PersistentCacheKeys.ADAL_ID_TOKEN, CacheSchemaType.TEMPORARY) as string;
             if (!StringUtils.isEmpty(adalIdTokenString)) {
                 const adalIdToken = new IdToken(adalIdTokenString, this.browserCrypto);
                 this.browserStorage.removeItem(PersistentCacheKeys.ADAL_ID_TOKEN);